Yazılar

India’s TCS Confirms No Systems Compromised in Marks & Spencer Cyberattack

/in /tarafından

Tata Consultancy Services (TCS) stated that none of its systems or users were compromised in the recent cyberattack affecting British retailer Marks & Spencer (M&S), a client of over ten years.

At its annual shareholder meeting, independent director Keki Mistry said, “As no TCS systems or users were compromised, none of our other customers are impacted.” He added that the ongoing investigation into the M&S breach does not involve TCS systems.

This marks the first public comment from India’s largest IT services firm on the cyberattack. M&S did not immediately respond to requests for comment.

TCS provides technology services to M&S and secured a $1 billion contract in early 2023 to modernize the retailer’s legacy technology, focusing on supply chain and omnichannel sales improvements.

The cyberattack, disclosed by M&S in April, is described as “highly sophisticated and targeted.” It is expected to cost M&S approximately £300 million ($403 million) in lost operating profit, with online service disruptions anticipated until July.

Last month, the Financial Times reported that TCS was internally investigating whether its systems were used as a gateway for the cyberattack.

Mistry chaired the shareholder meeting, while Tata Group Chairman N Chandrasekaran was absent due to urgent matters related to a recent Air India plane crash in Ahmedabad, which killed 241 of the 242 passengers onboard.

Marks & Spencer Resumes Online Orders After 46-Day Cyberattack Shutdown

/in /tarafından

British retailer Marks & Spencer (M&S) has resumed online orders for its clothing range after a 46-day suspension due to a cyberattack. The company’s shares rose 3.5% following the restart of standard home deliveries in England, Scotland, and Wales for most clothing items.

An M&S spokesperson noted that not all products are currently available online, with the initial focus on best-selling and new items. The retailer plans to expand the available product selection daily. Deliveries to Northern Ireland, as well as click-and-collect, next-day, nominated-day, and international delivery services, are expected to resume in the coming weeks.

M&S halted clothing and home orders through its website and app on April 25 after technical issues during the Easter holiday weekend disrupted contactless payments and click-and-collect services. The company had initially disclosed managing a “cyber incident” on April 22.

Last month, M&S projected that online disruptions would continue into July and estimated the financial impact at approximately £300 million ($404 million) in lost operating profit for the 2025/26 financial year. However, the company aims to reduce this loss through insurance claims and cost-cutting measures. The cyberattack also interfered with M&S’s supply chain, hindering its ability to stock stores during a period of high demand driven by warm weather.

Industry analysts anticipate that the upcoming end-of-season sale will feature larger inventories and deeper discounts than usual. Despite Tuesday’s share price recovery, M&S shares remain 9.5% lower since the cyberattack was first reported.

The breach occurred when hackers exploited a vulnerability by deceiving employees at a third-party contractor, allowing them to bypass M&S’s digital security measures. In response, M&S plans to use this incident as an opportunity to accelerate technological upgrades.

In recent weeks, several global retailers have reported similar cyber incidents, including UK grocer the Co-op Group, German sportswear brand Adidas, luxury jeweller Cartier, and U.S. lingerie retailer Victoria’s Secret.

M&S Faces $400 Million Hit from Cyberattack, Online Disruption to Last Into July

/in /tarafından

Marks & Spencer (M&S) confirmed on Wednesday that the cyberattack disclosed in April will cost the British retailer approximately £300 million ($403 million) in lost operating profit, with disruption to its online operations expected to continue into July.

The attack, described by the company as “highly sophisticated and targeted“, forced M&S to shut down its automated stock systems, temporarily reverting to manual, pen-and-paper processes to manage billions of pounds worth of fresh food, clothing, and home goods. The fallout led to empty food shelves, delayed deliveries, and significant customer dissatisfaction.

Financial and Operational Impact

The cyberattack has been a major blow to M&S during a crucial period in its ongoing turnaround strategy. It has already:

  • Wiped more than £1 billion off M&S’s market value,

  • Halted online clothing, home and beauty sales, which have been “heavily impacted”,

  • Caused reduced food availability, higher waste, and increased logistics costs.

Despite this, in-store sales have remained “resilient,” and food sales recovered over the past week.

CEO Stuart Machin said the company expects 85% of online clothing and home items to be back on the site in the coming weeks. However, the full system restart will continue into July.

M&S reported £984.5 million in operating profit for the year ended March 29. It expects to mitigate some of the projected £300 million loss through insurance claims, cost-saving measures, and operational recovery.

Source and Method of Breach

Machin reiterated that the breach did not result from a failure in M&S’s own cybersecurity infrastructure. Instead, hackers gained access via “social engineering” at a third-party contractor. The attackers used deceptive methods to trick employees, breaching external access points rather than M&S’s internal systems.

“We didn’t leave the door open. This wasn’t anything to do with underinvestment,” said Machin.

The National Crime Agency has linked the incident to a group of young, English-speaking hackers, part of a wider pattern of cyberattacks affecting UK institutions including the British Library, London Underground, and blood testing services.

Market Reaction and Outlook

Despite the disruption, M&S shares rose 2% on Wednesday, reflecting investor confidence in the company’s recovery efforts. The stock is still down 9% since the attack.

Archie Norman, M&S chairman, acknowledged the setback but remained optimistic about the company’s broader transformation:

“Just as you think you’re onto a good streak, events have a way of putting you on your backside.”

Analysts said M&S’s strong underlying performance — with adjusted pretax profit up 22.2% and sales rising 6.1% to £13.9 billion — suggests its turnaround remains intact. The clothing and food divisions both gained market share, reinforcing the company’s momentum before the attack.

Nevertheless, competitors like Next, John Lewis, Tesco, and Sainsbury’s may benefit from M&S’s temporary online absence.

Cybersecurity Response

M&S stated that it will use the crisis to accelerate improvements in its technology infrastructure, emphasizing the importance of resilience in the face of rising global cyber threats.

The retailer also disclosed a £248.5 million non-cash impairment charge, linked to longer-term digital and operational investments affected by the incident.